1
0
Fork 0
mirror of https://we.phorge.it/source/phorge.git synced 2024-12-23 22:10:55 +01:00

Validate settings before writing them to the user cache

Summary:
Fixes T11960. In D16998 I removed some code which validated settings on read to improve performance, but lost this replacement validation in shuffling the patch stack.

This restores similar validation before we write the cache. This has the same effect, it's just faster.

Also, bump the cache key to wipe out anything that got bitten (like my account on `secure` rendering dates wrong).

Test Plan:
  - Edited settings, verified the edits held.
  - Faked invalid settings, saw the check throw exceptions.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T11960

Differential Revision: https://secure.phabricator.com/D17008
This commit is contained in:
epriestley 2016-12-07 12:48:04 -08:00
parent e8d9c676b1
commit 4950926130

View file

@ -5,7 +5,7 @@ final class PhabricatorUserPreferencesCacheType
const CACHETYPE = 'preferences';
const KEY_PREFERENCES = 'user.preferences.v1';
const KEY_PREFERENCES = 'user.preferences.v2';
public function getAutoloadKeys() {
return array(
@ -47,6 +47,16 @@ final class PhabricatorUserPreferencesCacheType
foreach ($all_settings as $key => $setting) {
$value = $preference->getSettingValue($key);
try {
id(clone $setting)
->setViewer($viewer)
->assertValidValue($value);
} catch (Exception $ex) {
// If the saved value isn't valid, don't cache it: we'll use the
// default value instead.
continue;
}
// As an optimization, we omit the value from the cache if it is
// exactly the same as the hardcoded default.
$default_value = id(clone $setting)